Secure Remote Authentication of Local Machine Services Using Secret Sharing

ABSTRACT

A method for authentication of a computing device so that shares of a secret may be delivered, over a network that uses a communications protocol which does not require use of an address, and on which an authentication server is listening, comprising the steps of dividing the secret into a first share and a second share, or more; destroying the secret; transmitting the second share, together with a unique identifier, out of band to a pre-designated location; erasing the second share from the computing device; storing the first share at the computing device; broadcasting the unique identifier over the network; accepting a request over the network from an authentication server to initiate an authentication protocol; responding to the request; receiving the second share from the authentication server; and reconstructing the secret using the received second share and the stored first share.

This application claims the benefit of and incorporates by reference the text of U.S. Provisional Patent Application No. 62/101,961, filed Jan. 9, 2015, titled “Secure Remote Authentication of Local Machine Services Using a Self Discovery Network Protocol” and is a continuation-in-part of Non-Provisional application Ser. No. 14/991,114 filed Jan. 8, 2016, now pending.

FIELD OF INVENTION

The field of the invention is the secure boot-up of computing devices over a network and more specifically to methods and systems for secure authenticated log-on of computing devices during a boot sequence, in which a passcode to complete either boot-up or log-on does not exist anywhere in the system or network and must be dynamically reconstructed from secret shares obtained from one or more servers which are listening on the network.

BACKGROUND

The Internet has served as a disruptive technology among both social worlds and machine worlds, introducing new freedoms of access to information and remote control of devices. Innovations in mobile and industrial use of the Internet have been employed to access devices that are embedded within other systems and may be accessed and controlled remotely. This has developed into a market for the Internet of Things (“IoT”), which comprises computing devices that use the Internet as the communications transmission medium for collecting, transmitting and receiving data to control processes within the device, for example, home thermostats, medical instrumentation, controllers of pipelines and energy systems, and self-driving vehicles, to name only a few embodiments. The growth of disruptive Internet and communications technologies, however, introduces new threats to critical infrastructures implicating privacy, security, safety, and interoperability. Quite simply, the large number of computing devices connected through the Internet is a tantalizing target for hackers.

The growth of process control and monitoring of computing devices on the IoT, or more generally on any network, is characterized by an increasing number operating in a headless mode with no attachment to a human interface device such as a keyboard, display, or mouse, and therefore having no human intervention in their functioning. The problem of managing such computing devices is exacerbated not only by their growing ubiquity, but by their headless operation. For convenience, these headless computing devices are referred to herein as “HCD” (or in the plural as “HCDs”), but it will be readily apparent to one skilled in the art that such headless state is just a description and not a necessary condition for practice of the invention. In other words, HCD refers to a computing device, regardless of the presence, or lack thereof, of input means.

Cybercriminals have been known to insert latent malicious code into an HCD operating system, thereby allowing the malicious code opportunistic entry into the HCD's programs during the next reboot of the operating system. In order to thwart such attacks it is possible to place a clean copy of the operating system on a separate drive, preferably having a form factor of a USB flash drive, or within a Trusted Computing Base within the HCD itself. When that is done, however, it is advantageous to also have the external or internal drive encrypted and protected by a passcode. One example of an external encrypting flash drive with an operating system on-board is the WorkSafe Pro™ bootable Windows To Go™ flash drive from SPYRUS, Inc.

Encrypting flash drives and encryption protected Trusted Computing Bases are also useable in computation-intensive system process control applications in manufacturing, robotics and pharmaceutical plants and surveillance and monitoring applications in nuclear facilities or military operations where networks of HCDs may contain highly sensitive information or programs. All that is necessary, then, is to enter the appropriate passcode at reboot to permit the HCD to load a safe copy of the operating system or gain access to required confidential data or programs.

To minimize the opportunity window of potential vulnerability the HCD preferably remains off-line, and performs a reboot and reload of its operating systems and application programs and data when it comes on-line, either in response to a local command (such as turning on the local device) or command from a remote control center. Either case, however, requires entry of the required passcode to unlock the protected operating system and stored data.

Storage of the passcode in the clear on an HCD in either hardware or software is not an option, and because HCDs are often placed in hostile or dangerous high-risk environments, use of the Internet as the transmission medium to “reach back” to communicate with a remote command center in order to receive the passcode is risky.

Communicating with one or more remote control centers is also difficult because storing the IP address of one or more remote command centers at the HCD is inadvisable (as it exposes the remote centers to attack) or impracticable (as the information would be ephemeral and unavailable before reboot is complete). Manually entering the passcode at the local HCD is also not an option, either because the HCD lacks any input means, or requiring operator intervention is infeasible (due to the multiplicity of devices, or otherwise).

The ease of access to the Internet, for example by any of billions of smartphones or computers, has lowered any barrier to malicious cyberattacks on any computing and communications devices using the Internet for a transmission medium, many of which are part of critical infrastructures around the globe, including smart grid power systems, communications systems, manufacturing plants and hospital operating and patient recovery rooms. Cisco, Inc., predicts there will be 50 billion devices connected to the Internet by 2020 and that the global IoT economic value will be $19 trillion for companies and industries worldwide in the next decade. Across health-care applications, Internet of Things technology could have an economic impact of $1.1 trillion to $2.5 trillion per year by 2025.

The Center for Strategic and International Studies 2014 estimates that cyberattacks funded by nation-states with basically unlimited economic and technology resources can also account for the loss of 350,000 jobs in the U.S. and Europe. Worse yet, the threats to national security from attacks on IoT devices that will be used to control power grids, pipelines, communications systems, banking systems, and transportation vehicles are too devastating to be measured. Breaches can be executed by adversaries from all quarters. According to a 2014 study cyberattacks cost the global economy about $445 billion.

Independent of the IoT, the field of cryptography has seen development of means for secret sharing (also called secret splitting) which are methods for distributing a secret amongst a group of participants, each of whom is allocated a share of the secret. The secret can be reconstructed only when a threshold number of shares are combined together; in that case individual shares are of no use on their own.

For example, in one type of secret sharing scheme there is one dealer and n players. The dealer gives a share of the secret to the players, but only when specific conditions are fulfilled will the players be able to reconstruct the secret from their shares. The dealer accomplishes this by giving each player a share in such a way that any group of t (for threshold) or more players can together reconstruct the secret but no group of fewer than t players can. Such a system is called a (t, n)-threshold scheme, or a K of N secret sharing mechanism (with K being the threshold and N being the number of shares) as used in commonly owned patent Jueneman, et al., U.S. Pat. No. 9,049,010. Other forms of secret splitting or extensions thereof, including how to split a secret, will be known to those of ordinary skill in the art with reference to this disclosure. Reconstructing a passcode from such shares rather than storing and distributing passcodes would greatly enhance the security of the overall system.

Therefore, there is a need for a method to maintain security for HCD logon by transmitting share information to HCDs from one or more remote servers and reconstructing the passcode only when needed.

SUMMARY

The invention meets this need by providing a method for secure downloading of shares needed for password reconstruction using a broadcast communication protocol which permits each HCD to securely communicate with any one of multiple servers.

BRIEF DESCRIPTION OF DRAWINGS

FIG. 1A is a flow diagram of one embodiment of the method of the invention.

FIG. 1B is a flow diagram of another embodiment of the method of the invention.

FIG. 2 is a schematic for one embodiment of secure remote authentication according to the invention.

FIG. 3 is a flow diagram of an embodiment of the method of the invention using a secret sharing algorithm to distribute two secret shares.

FIG. 4 is a flow diagram of a further embodiment of the method of the invention using a secret sharing algorithm to distribute multiple secret shares.

FIG. 5 is a flow diagram of the method to reconstruct a passcode from secret shares.

DETAILED DESCRIPTION

The method of the invention will first be described. Specific embodiments will then be described. These are not meant to narrow the generality of the invention, which is usable with a broad range of devices, protocols, and circumstances.

Initialization

With reference to FIG. 3 and FIG. 1A, when an HCD 1101 is initially shipped to an end user, or purchased in a retail environment, it is desirable that the device be delivered in a “raw” state so that in Step 301 the end user can create any passcode 3101 and public cryptographic key pairs that will be required by HCD 1101. In an alternate embodiment, passcode 3101 can be automatically generated in Step 301 with no operator involvement. In either case no passcode or private key information is controlled by anyone other than that end user. Further, as explained above, it is desirable to keep a copy of the device's operating system available in a Trusted Computing Base at the location of HCD 1101, accessible only by passcode, so that with that passcode the device can access the Trusted Computing Base, and load the operating system stored therein to enable startup. This is analogous to keeping instructions in a vault which is accessible only with a physical key.

Frequently, computing devices separate bootup from access. In the typical case turning on the device initiates a hardware boot loader that causes an operating system to load, which then presents a roadblock screen to the user which requires a second passcode to enable access. It will be understood by one of ordinary skill with reference to this disclosure that the method described herein could be used for either or both of these stages, e.g., to unlock a Trusted Computing Base so that the HCD's boot loader can find a pristine version of the operating system to load, and then again to enable the HCD to unlock and grant access to the operating system of the HCD. Since the device in our illustration case is deployed in a network or system as “headless” and therefore operating autonomously without human input after initialization, it may be a design choice that only one stage of passcode roadblock is required.

Thus, it is understood that Step 301 to provide a passcode can be constructed in multiple ways, and in fact passcode 3101 can refer to one or more passcodes. With reference to FIG. 3, at initial deployment of HCD 1101 (e.g., installation at the end user's environment) some means of creation of a passcode (Step 301) must be employed. In one preferred embodiment a random passcode is generated (as will be evident, this is equivalent to computing a random or pseudo-random number). In that case human input of that passcode is not required and it does not need to be displayed or stored by the human user.

FIG. 3 describes one embodiment of secret sharing. In the simplest embodiment, in step 303 the passcode is split into two shares 3111 and 3112. In accord with how secret shares work, this would be a 2 of 2 split, or (2,2). In other words, both shares will be needed to reconstruct the passcode, but neither one by itself can do so. In step 305 the passcode is destroyed. Optionally, the shares are shrouded with some parameter unique to HCD 1101. Then, in step 307 share 3111 is stored at HCD 1101, and share 3112 is sent to Authentication Server 1103 (shown in FIG. 1A) to be stored in database 1105.

In a more complex embodiment shown in FIG. 4, Passcode 3101 is split into a set of N shares at step 304, using a K of N secret sharing algorithm as will be known to one of ordinary skill with reference to this disclosure. Once the set of N shares is created, Passcode 3101 is destroyed as in the embodiment shown in FIG. 3, and is no longer kept at the HCD, nor anywhere else. In an alternate embodiment, only the set of K shares necessary to meet the threshold are kept, and the excess shares are destroyed. Alternately, the K of N algorithm could be constructed so that K=N and there would be no excess. Either as a consequence of the set up of the algorithm or after destruction of excess shares, in that further embodiment all extant shares would be necessary to reconstruct the passcode.

In one preferred embodiment either the set of 2 shares, N shares, or K shares undergoes a shrouding operation, wherein each of the individual secret shares is shrouded using an invertible transform such as XOR, the exclusive OR operator in Boolean algebra, with a different client identification parameter unique to HCD 1101, and a table of the relationships is maintained at HCD 1101. If Passcode 3101 is intended to be used for login after the Trusted Computing Base is accessed, the table of relationships may optionally be stored in the Trusted Computing Base. By the method of shrouding, none of the secret shares remain in their native unshrouded form anywhere in the system, thus reducing vulnerabilities to attack. As examples of such client parameters, the shrouding might be done with the HCD's MAC address, the hash of the HCD firmware, the serial number of semiconductor chips within the HCD, the public key of the HCD or other HCD “fingerprint” data. Such shrouded secret shares would be unusable by any other HCD.

Preferably, a hash of selected client identifier parameters is created to label each HCD uniquely. There would be other methods to label HCDs, as will be known to those of ordinary skill. The set of the unique HCD identifier, a public key associated with the HCD, and one or more secret shares (e.g., 3112, etc.) are then transmitted to predetermined locations, after which all information relating to the transmitted shares, or copies of such shares, are destroyed, such that the number of secret shares remaining at the HCD is less than the threshold K needed to reconstitute the destroyed passcode 3101. In other words, in case of compromise of the HCD, there would be insufficient information at the HCD to reconstitute passcode 3101. Optionally, in order to reach the condition that shares remaining at the HCD be less than K, a combination of destruction of excess shares and transmission of shares could be used. For example, if 6 shares were created, with a threshold of 4, then one share could be destroyed, and two shares could be transmitted to the remote servers, leaving less than 4 shares at the HCD. In another preferred embodiment, no more than K-1 shares should be transmitted outside the HCD, so that in case of compromise of the outbound transmission sufficient shares to reconstitute the passcode would not be obtained.

In one embodiment the set of the HCD unique identifier, the HCD public key and any secret shares are written to a physical device (perhaps a memory card) and sent via courier or physical delivery service to a predetermined location to be loaded on to an Authentication Server at a remote control center. In that embodiment, for example, the HCD might be delivered with an SD memory card, and after initialization the end user removes the card, places it in a pre-addressed envelope, and mails it. Or, in another embodiment, the HCD establishes a secure channel over the Internet to predetermined locations of remote servers and uploads the sets of data. In a still further embodiment, the storage location is unknown, and utilizing an Internet protocol similar to that described herein, a secure channel is established with an authenticated receiving site at a previously unknown location. In yet a further embodiment, the HCD establishes a channel over a data connection (such as LTE or 3G), and does not use any Internet connection to transmit the sets of data.

At this point in the method it will be evident that passcode security has been maintained. If one of the servers is breached and a single share is obtained it cannot be used to reconstruct passcode 3101, since K shares are required.

Retrieval of Shares

Turning now to retrieval of the share so that the Passcode may be reconstructed, reference is made to FIG. 1A. After the initialization process is completed and the HCDs are deployed, an HCD may not “know” the IP address of the remote control center, and a means of broadcast over a network 1107 using a protocol which does not require knowledge of IP addresses is required (here a “self discovery network protocol”). Currently, one such protocol which meets this requirement is the User Datagram Protocol defined by RFC 768 written by John Postel and known as UDP, although other protocols may be used or be developed in the future which do not require knowledge of IP addresses and thus be usable with the invention, as will be evident to one of ordinary skill in the art with reference to this disclosure.

As explained above, the acronyms “HCD” and “HCDs” are meant to refer to computing devices whether or not they in fact have input means. This will also be apparent to one of ordinary skill with reference to this disclosure. In other words, being “headless” is not a necessary condition for the invention.

With reference to FIG. 1A, the method 100 begins in step 101 and in step 103 the HCD 1101 broadcasts a packet over network 1107 using a self discovery network protocol, the packet containing a unique identifier. For example, such unique identifier could be selected from a group of unique data consisting of a session nonce, the serial number or other machine “fingerprint” data, a network authorization code (such as is described in the Jueneman '010 patent referenced above), and the public key of the HCD, or a hash thereof, or of any combination. Other unique identifiers are possible, as will be evident to one skilled in the art. In Step 105 one or more authentication servers 1103, each having a database 1105, listen to incoming packets, and in step 107 when the identifier information matches an entry in their database they recognize the HCD, accept the packet and proceed to step 109; otherwise they do not recognize the HCD, reject the packet, and return control to the listening step 105.

In step 109 the authentication protocol may be as extensive as the circumstance requires. For example, the HCD 1101 can contain a known fixed key and a random challenge can be performed by the authentication server 1103. It can also employ a unique public key pair that the authentication server knows the HCD is in possession of. If the HCD does not have the private key the authentication will fail.

If successful, the HCD is authenticated and in step 113 may receive the share or shares needed to reconstruct the passcode. In a further embodiment, the authentication server may transmit other protected data to the HCD in step 113, in addition to the login passcode.
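The exchange of steps 103 through 113, as an added example that is not code from the patent: the identifier is the hash of client parameters and public key used in the FIG. 2 embodiment, the step 109 protocol is the known-fixed-key variant (an HMAC over a fresh random server challenge), and a server releases the share only to an HCD it both recognizes and authenticates. The UDP transport is assumed and abstracted to dictionaries passed between the parties; the key, fingerprint and share values are constructed samples.

```python
import hashlib
import hmac
import secrets
from typing import Dict, List, Optional

Message = Dict[str, bytes]


def unique_identifier(client_params: bytes, public_key: bytes) -> bytes:
    """Identifier broadcast in step 103: a hash of the HCD's client parameters
    and its public key, as in the FIG. 2 embodiment."""
    return hashlib.sha256(client_params + public_key).digest()


class AuthenticationServer:
    """Server 1103 with database 1105: identifier -> fixed key and share."""

    def __init__(self, database: Dict[bytes, Dict[str, bytes]]):
        self.database = database
        self.pending: Dict[bytes, bytes] = {}  # outstanding challenges

    def on_broadcast(self, packet: Message) -> Optional[Message]:
        """Steps 105/107: accept only an identifier present in the database
        and open step 109 with a fresh challenge; otherwise keep listening."""
        ident = packet["id"]
        if ident not in self.database:
            return None  # reject the packet
        challenge = secrets.token_bytes(16)  # fresh per session, so no replay
        self.pending[ident] = challenge
        return {"id": ident, "challenge": challenge}

    def on_response(self, msg: Message) -> Optional[Message]:
        """Verify step 109, then step 113: release the share only to an HCD
        that proved possession of the fixed key over this server's challenge."""
        ident = msg["id"]
        challenge = self.pending.pop(ident, None)
        if challenge is None:
            return None  # nothing outstanding for this identifier
        key = self.database[ident]["key"]
        expected = hmac.new(key, challenge, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, msg["mac"]):
            return None  # authentication failed; nothing released
        return {"id": ident, "share": self.database[ident]["share"]}


class HCD:
    """Device 1101: holds only its identifier inputs and the known fixed key."""

    def __init__(self, client_params: bytes, public_key: bytes, fixed_key: bytes):
        self.ident = unique_identifier(client_params, public_key)
        self.fixed_key = fixed_key

    def broadcast_packet(self) -> Message:
        """Step 103: no server address is known, so only the identifier is sent."""
        return {"id": self.ident}

    def respond(self, request: Message) -> Message:
        """Answer the step 109 challenge with an HMAC under the fixed key."""
        mac = hmac.new(self.fixed_key, request["challenge"], hashlib.sha256).digest()
        return {"id": self.ident, "mac": mac}


def retrieve_share(hcd: HCD, servers: List[AuthenticationServer]) -> Optional[bytes]:
    """One boot-time run of method 100. Every listening server sees the
    broadcast; the first that recognizes and authenticates the HCD returns
    the share. The UDP transport is abstracted to in-memory messages."""
    packet = hcd.broadcast_packet()
    for server in servers:
        request = server.on_broadcast(packet)
        if request is None:
            continue
        reply = server.on_response(hcd.respond(request))
        if reply is not None:
            return reply["share"]
    return None


def build_demo():
    """Constructed sample deployment: one enrolled HCD, a server that knows
    it and one that does not. Returns (hcd, servers, expected_share)."""
    params, pubkey, key = b"mac=00:11:22:33:44:55;fw=v1", b"pubkey-bytes", b"fixed-key"
    share = b"shrouded-share-3112"
    enrolled = {unique_identifier(params, pubkey): {"key": key, "share": share}}
    return HCD(params, pubkey, key), [AuthenticationServer({}), AuthenticationServer(enrolled)], share
```

Because the challenge is random per session and consumed on use, a recorded response cannot be replayed against the server, and an HCD that knows the identifier but not the fixed key is recognized at step 107 yet still denied at step 109.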

In a still further embodiment 110 of the method, with reference to FIG. 1B, a gateway 1109 which knows the IP address of the authentication servers 1103 is listening on network 1107, and it rebroadcasts the packets over the Internet 1111 using any one of the available IP protocols, to the known address of the one or more authentication servers.

With reference to FIG. 2, an embodiment of the invention as applied to HCDs in a nuclear power plant reactor system will be described. Here, the HCDs are connected to sensors for monitoring power transmission switchgear directing energy over different power grids.

One or more HCDs 2101 on network 2107 are respectively connected to sensor bundles 2102 which provide respective signals from nuclear reactor switchgear 2104 that route energy to different electrical transmission networks of a power grid. Storage 2106, which is advantageously encrypted or protected, or both, is either external and engaged with, or internal to, each of the one or more HCDs and contains the operating system, application programs, and other data for the respective HCDs and provides access to memory for defense against cyber attacks. In a preferred embodiment storage 2106 is removably engaged, and has a form factor of a USB flash drive. As will be evident to one of ordinary skill in the art, such storage could be any type of data repository known now or in the future, including drives, flash memory, or the like. In a further embodiment, storage 2106 is bootable. Network 2107 is also connected to a network gateway 2109 to convert the protocols of network 2107 to the protocol of the Internet 2111 over which one or more VPN connections 2115 are created to connect to one or more authentication servers 2103. Each authentication server controls a database 2105 containing the authentication parameters in the form of keys, PINs or shares needed to reconstruct passcodes specific to the log on policies of HCDs 2101.

HCDs 2101 (or any one or more of these) power up in pre-boot mode. Their individual boot loaders execute using the HCD's internal BIOS to connect to the network 2107, which passes the information through the network gateway 2109 to each of the authentication servers 2103 using the Internet 2111 as the transmission medium.

In one embodiment, the IP address of the one or more authentication servers is not known to the HCDs. In that case, gateway 2109 broadcasts out a UDP packet of information over the VPN connections 2115.

In that embodiment, this broadcast packet contains a unique identifier which is composed of a hash of HCD client parameters and the public key of the broadcasting HCD. The authentication servers listen to incoming packets and when the identifier information matches an entry in their database they accept the packet, and otherwise reject the packet.

The server which has accepted the packet, in that embodiment, then uses a public key challenge response protocol (or other authentication protocol) to establish a secure point-to-point connection with the HCD. If successfully completed, a shrouded share is sent to the HCD where the necessary passcode is reconstructed.

In a further embodiment, one or more of the HCDs may incorporate a trusted computer base TCB 2117 to protect critical security parameters. As with storage 2106, the TCB could be internal or external to the HCD. In a further embodiment, it could be removably engaged with the HCD, and in a still further embodiment could contain storage 2106. The TCB, broadly, is a set of cryptographic protection mechanisms that enforces a security policy so that access to resources such as storage for an operating system, programs and data, or computing resources, cannot be achieved unless specific rules and procedures are followed. The Trusted Computer System Evaluation Criteria from the United States Department of Defense (also referred to as the “Orange Book”) defines a TCB as “the totality of protection mechanisms within a computer system . . . the combination of which is responsible for enforcing a security policy. It creates a basic protection environment and provides additional user services required for a trusted computer system.” An appropriately designed cryptographic token can, for example, contain a TCB. Appropriate design might include features such as a tamper proof case, nonmodifiable firmware, and zeroization of sensitive data upon intrusion detection. A secure operating system is another example of a TCB.

Although superseded (e.g., by the Common Criteria for Information Technology Security Evaluation), reference to the Orange Book will be understood by one skilled in the art with reference to this disclosure as a broad reference to that portion of a computing system which is responsible for enforcing a security policy.

If a TCB is employed it will require an access code to gain access to it, and this is a further example of the sort of information that could be reconstructed using shares.

Embodiments of the present invention may be implemented in hardware, or as software modules running on one or more processors, or in a combination thereof. That is, those skilled in the art will appreciate that special hardware circuits such as Application Specific Integrated Circuits (ASICs) or Digital Signal Processors (DSPs) may be used in practice to implement some or all of the functionality of all components of the present invention. It should be noted that the described embodiments are exemplary rather than limiting the present invention. Substitute embodiments may be designed by those skilled in the art without departing from the scope of the claims enclosed.

Reconstruction of Passcode

Having received shares from an Authentication Server in Step 113, with reference to FIG. 5, the HCD must proceed with reconstruction of the passcode 3101. The received shares, together with the stored shares, must be un-shrouded if necessary through an inverse process that will be understood by those of ordinary skill. Then, in step 501 an inverse secret sharing algorithm is employed as a function of the unshrouded received shares and the unshrouded stored shares, with an output of passcode 3101. One preferred technique for recovering the passcode is to employ a reverse Shamir secret sharing algorithm with the Lagrange polynomial interpolation method, well known to those skilled in the cryptographic art, on the unshrouded shares.
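The K of N split of FIG. 4, the XOR shrouding and the 6-share, threshold-4 distribution described under Initialization, and the Lagrange reconstruction of step 501, carried through as one added Python example (not code from the patent) using Shamir secret sharing over a prime field. The field modulus, the 96-bit random passcode size and the device fingerprint bytes are assumptions; the fingerprint is a constructed sample.

```python
import hashlib
import secrets
from typing import List, Tuple

Share = Tuple[int, int]  # a point (x, f(x)) on the sharing polynomial

# Assumed field GF(p), p = 2**127 - 1: any passcode below 2**127 fits.
PRIME = 2**127 - 1


def make_passcode(nbits: int = 96) -> int:
    """Step 301, alternate embodiment: random passcode, no operator involved."""
    return secrets.randbits(nbits)


def split_secret(secret: int, k: int, n: int) -> List[Share]:
    """Step 304: K of N Shamir split. The secret is the constant term of a
    random degree K-1 polynomial over GF(p); share i is the point (i, f(i))."""
    if not 1 <= k <= n or not 0 <= secret < PRIME:
        raise ValueError("need 1 <= K <= N and 0 <= secret < PRIME")
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(k - 1)]
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation of f(x) mod p
            y = (y * x + c) % PRIME
        shares.append((x, y))
    return shares


def reconstruct_secret(shares: List[Share]) -> int:
    """Step 501: Lagrange interpolation at x = 0 over GF(p). Fewer than K
    points give a value unrelated to the secret rather than an error."""
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = (num * -xj) % PRIME
                den = (den * (xi - xj)) % PRIME
        secret = (secret + yi * num * pow(den, PRIME - 2, PRIME)) % PRIME
    return secret


def shroud(share: Share, fingerprint: bytes) -> Share:
    """XOR the share value with a mask derived from HCD-unique client
    parameters (MAC address, firmware hash, chip serial...). XOR is its own
    inverse, so the same call un-shrouds; another HCD derives another mask."""
    x, y = share
    mask = hashlib.sha256(fingerprint + x.to_bytes(2, "big")).digest()[:16]
    return x, y ^ int.from_bytes(mask, "big")


def provision(passcode: int, fingerprint: bytes, k: int = 4, n: int = 6):
    """Initialization per FIG. 4 with the 6-share, threshold-4 example: split,
    shroud, destroy one excess share, hand two to the authentication servers,
    keep the rest (fewer than K) at the HCD. The passcode itself is not kept."""
    shrouded = [shroud(s, fingerprint) for s in split_secret(passcode, k, n)]
    shrouded.pop()                                   # one excess share destroyed
    transmitted = [shrouded.pop(), shrouded.pop()]   # at most K-1 leave the HCD
    stored = shrouded
    if len(stored) >= k or len(transmitted) > k - 1:
        raise ValueError("distribution would leave K or more shares in one place")
    return stored, transmitted


def boot_reconstruct(stored: List[Share], received: List[Share],
                     fingerprint: bytes) -> int:
    """FIG. 5: un-shroud the stored and received shares, then run step 501."""
    return reconstruct_secret([shroud(s, fingerprint) for s in stored + received])


if __name__ == "__main__":
    fp = b"constructed-fingerprint:mac=00:11:22:33:44:55"  # constructed sample
    pc = make_passcode()
    stored, transmitted = provision(pc, fp)
    # 3 stored + 1 received = K shares: the passcode comes back.
    print(boot_reconstruct(stored, transmitted[:1], fp) == pc)
    # The 3 stored shares alone (HCD compromised) do not reconstruct it.
    print(boot_reconstruct(stored, [], fp) == pc)
```

With the stored shares kept below K and the transmitted shares kept at or below K-1, neither a compromised HCD nor an intercepted outbound transmission holds enough to recover the passcode, and shares un-shrouded with another device's fingerprint interpolate to garbage.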

In any embodiment, there is a distinct advantage over prior art where passcodes or tokens for each client are stored with potentially hundreds or thousands of remote authentication servers that may be present in an IoT (“Internet of Things”) network, thus leaving them vulnerable to stolen password security breaches and brute force attacks from cybercriminals. In the invention, there are no passcodes, no sign-on credentials or tokens, nor any objects or digital values that can be used to boot up an HCD stored anywhere.

1. A method for authentication of a computing device so that shares of a secret may be delivered, over a network that uses a communications protocol which does not require use of an address, and on which an authentication server is listening, comprising the steps of: a. dividing the secret into a first share and a second share; b. destroying the secret; c. transmitting the second share, together with a unique identifier, out of band to a pre-designated location; d. erasing the second share from the computing device; e. storing the first share at the computing device; f. broadcasting the unique identifier over the network; g. accepting a request over the network from an authentication server to initiate an authentication protocol; h. responding to the request; i. receiving the second share from the authentication server; and j. reconstructing the secret using the received second share and the stored first share.

2. The method of claim 1, where the unique identifier is selected from the group of unique data consisting of a serial number, machine fingerprint data, a network authorization code, a public key, and a session nonce.

3. The method of claim 2, where the unique identifier further comprises a hash of the unique data.

4. The method of claim 1, where the first and second shares have been shrouded.

5. The method of claim 1, where the dividing step comprises dividing the secret into a first share, a second share, and one or more additional shares wherein the total number of shares may be represented by a number N, and such that a threshold number of shares represented by a number K, being less than N, will be required to reconstruct the secret; the transmitting step comprises transmitting the second share and one or more of the additional shares, together with a unique identifier, out of band to a pre-designated location.

6. The method of claim 5, where the erasing step comprises erasing all transmitted shares from the computing device.

7. The method of claim 6, where the transmitting step further comprises transmitting no more than K-1 shares, the storing step further comprises storing no more than K-1 shares, the receiving step comprises receiving one or more shares from the authentication server such that the number of stored shares, plus the number of received shares, equals or exceeds K, and the reconstructing step comprises reconstructing the secret using K or more of the received shares and the stored shares.